Lucene search
K

12 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2001-0832

Malware in sbrugna...

7.5CVSS6.4AI score0.02756EPSS
Exploits0References5
Prion
Prion
added 2022/06/20 4:15 p.m.13 views

Design/Logic Flaw

In Mahara 21.04 before 21.04.6, 21.10 before 21.10.4, and 22.04.2, files can sometimes be downloaded through thumb.php with no permission check...

4.3CVSS7.5AI score0.01019EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2022/06/20 3:26 p.m.68 views

CVE-2022-33913

CVE-2022-33913 affects Mahara: versions 21.04 before 21.04.6, 21.10 before 21.10.4, and 22.04.2; the issue allows files to be downloaded through thumb.php without a permission check. The Red Hat and OpenVAS datasets corroborate the same description. The root cause is missing access control on thu...

7.5CVSS7.5AI score0.01019EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2019/10/21 4:15 p.m.6 views

CVE-2019-16986

In FusionPBX up to v4.5.7, the file resources\download.php uses an unsanitized "f" variable coming from the URL, which takes any pathname and allows a download of it. resources\securedownload.php is also affected...

6.5CVSS6.8AI score
Exploits0References3
Prion
Prion
added 2017/03/11 6:59 a.m.18 views

Input validation

F-Secure Software Updater 2.20, as distributed in several F-Secure products, downloads installation packages over plain http and does not perform file integrity validation after download. Man-in-the-middle attackers can replace the file with their own executable which will be executed under the...

9.3CVSS8AI score0.0154EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2016/10/30 12:0 a.m.2 views

Schneider Electric Unity PRO Remote Code Execution Vulnerability

Unity Pro is the universal IEC61131-3 programming, debugging and runtime software package for Premium, Atrium and Quantum PLCs. A remote code execution vulnerability exists in Schneider Electric Unity PRO in an insecure file download, which can be exploited by a remote attacker to execute arbitra...

8.5AI score
Exploits0References1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.25 views

eRoom 6.0 Plug-In Insecure File Download Handling Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14176/info The eRoom plug-in is prone to an insecure file download handling vulnerability. The issue is due to a design fault, where files that are shared by users are apparently passed to default file handlers when...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2012/10/26 12:0 a.m.26 views

Aladdin Knowledge System Ltd. PrivAgent ActiveX Control 2.0 - Multiple Vulnerabilities

Aladdin Knowledge System Ltd. PrivAgent ActiveX Control 2.0 - Multiple Vulnerabilities -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================================= FILE INFO:...

0.6AI score
Exploits0
Packet Storm
Packet Storm
added 2012/10/26 12:0 a.m.35 views

Aladdin Knowledge System Ltd. Active-X Buffer Overflow

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================================= FILE INFO: ============================================================================================= Aladdin Knowledge System Ltd. PrivAgent ActiveX...

0.5AI score
Exploits0
Exploit DB
Exploit DB
added 2012/10/26 12:0 a.m.40 views

Aladdin Knowledge System Ltd. PrivAgent ActiveX Control 2.0 - Multiple Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================================= FILE INFO: ============================================================================================= Aladdin Knowledge System Ltd. PrivAgent ActiveX...

7.4AI score
Exploits0
0day.today
0day.today
added 2012/10/25 12:0 a.m.31 views

Aladdin Knowledge System Ltd PrivAgent ActiveX Control 2.0 Multiple Vulnerabilities

Exploit for windows platform in category dos / poc ============================================================================================= FILE INFO: ============================================================================================= Aladdin Knowledge System Ltd. PrivAgent ActiveX...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2005/07/06 12:0 a.m.24 views

eRoom 6.0 PlugIn - Insecure File Download Handling

source: https://www.securityfocus.com/bid/14176/info The eRoom plug-in is prone to an insecure file download handling vulnerability. The issue is due to a design fault, where files that are shared by users are apparently passed to default file handlers when downloaded. This can occur without user...

7.4AI score
Exploits0
Rows per page
Query Builder